|
Alles rund um Windows: Seit einiger Zeit ist der Arbeitspeicher komplett belegt.Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
05.11.2014, 11:35 | #1 |
| Problem: Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Hallo, ich habe Win7 64 Bit und 2 GB Arbeitsspeicher. Seit einiger Zeit ist der Arbeitsspeicher kompeltt voll. Die Leistungsbewertung war vorher bei 2 und jetzt ist sie bei 5,7. Ich habe schon eine Systemwiederherstellung und auch einen Sauberen Neustart versucht, alles ohne erfolg. Avira, Adware Cleaner und Malwarebits zeigen keine Funde an. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by Bears (administrator) on BEARS-PC on 04-11-2014 12:07:39 Running from C:\Users\Bears\Desktop Loaded Profiles: Bears & (Available profiles: Bears) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-09-24] (Avira Operations GmbH & Co. KG) ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll () CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20141029182526.dll (McAfee, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20141029182526.dll (McAfee, Inc.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) FireFox: ======== FF ProfilePath: C:\Users\Bears\AppData\Roaming\Mozilla\Firefox\Profiles\j12I2X9o.default FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Bears\AppData\Roaming\Mozilla\Firefox\Profiles\j12I2X9o.default\Extensions\abs@avira.com [2014-10-29] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Profile: C:\Users\Bears\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bears\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30] CHR Extension: (Google Wallet) - C:\Users\Bears\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-10] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG) S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [197960 2011-03-13] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [208272 2011-03-13] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [158832 2011-03-13] (McAfee, Inc.) S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] S2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X] S2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65128 2011-03-13] (McAfee, Inc.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [156792 2011-03-13] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [227856 2011-03-13] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481376 2011-03-13] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [639216 2011-03-13] (McAfee, Inc.) R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75672 2011-03-13] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [98728 2011-03-13] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281928 2011-03-13] (McAfee, Inc.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation) R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation) U3 BcmSqlStartupSvc; No ImagePath U2 CLKMSVC10_3A60B698; No ImagePath U2 CLKMSVC10_C3B3B687; No ImagePath U2 DriverService; No ImagePath U2 IAStorDataMgrSvc; No ImagePath U2 iATAgentService; No ImagePath U2 idealife Update Service; No ImagePath U3 IGRS; No ImagePath U2 IviRegMgr; No ImagePath U2 nvUpdatusService; No ImagePath U2 Oasis2Service; No ImagePath U2 PCCarerService; No ImagePath U2 ReadyComm.DirectRouter; No ImagePath U2 RichVideo; No ImagePath U2 RtLedService; No ImagePath U2 SeaPort; No ImagePath U2 SoftwareService; No ImagePath U3 SQLWriter; No ImagePath U2 Stereo Service; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-04 12:07 - 2014-11-04 12:08 - 00012801 _____ () C:\Users\Bears\Desktop\FRST.txt 2014-11-04 12:07 - 2014-11-04 12:07 - 00000000 ____D () C:\FRST 2014-11-04 12:04 - 2014-11-04 12:05 - 00000472 _____ () C:\Users\Bears\Desktop\defogger_disable.log 2014-11-04 12:04 - 2014-11-04 12:04 - 00000000 _____ () C:\Users\Bears\defogger_reenable 2014-11-04 10:49 - 2014-11-04 10:53 - 00002660 _____ () C:\FaceProv.log 2014-11-04 10:47 - 2014-11-04 10:47 - 00380416 _____ () C:\Users\Bears\Desktop\Gmer-19357.exe 2014-11-04 10:46 - 2014-11-04 10:46 - 02114560 _____ (Farbar) C:\Users\Bears\Desktop\FRST64.exe 2014-11-04 10:46 - 2014-11-04 10:46 - 00050477 _____ () C:\Users\Bears\Desktop\Defogger.exe 2014-11-04 10:17 - 2014-11-04 10:17 - 00000000 ____D () C:\Users\Bears\AppData\Local\DiskBoss 2014-11-04 10:15 - 2014-11-04 10:17 - 00021903 _____ () C:\Users\Bears\AppData\Local\HDGraph.log 2014-11-04 10:15 - 2014-11-04 10:15 - 00000000 ____D () C:\Users\Bears\AppData\Local\HDGraph.com 2014-11-03 16:34 - 2014-11-03 16:34 - 00000000 ____D () C:\windows\pss 2014-11-03 16:23 - 2014-11-03 16:42 - 00007605 _____ () C:\Users\Bears\AppData\Local\resmon.resmoncfg 2014-11-03 13:28 - 2014-11-04 09:38 - 02206850 _____ () C:\windows\system32\PsBoot.log 2014-11-03 13:28 - 2014-11-04 09:38 - 00128898 _____ () C:\windows\system32\defragLog.log 2014-10-31 15:12 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll 2014-10-31 15:12 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe 2014-10-31 15:12 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll 2014-10-31 15:12 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll 2014-10-31 15:12 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll 2014-10-31 15:12 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys 2014-10-31 15:12 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys 2014-10-31 15:12 - 2012-06-02 15:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-10-31 15:06 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2014-10-31 15:06 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll 2014-10-31 14:03 - 2014-10-31 14:04 - 00000000 ___RD () C:\Users\Bears\Desktop\Bears 2014-10-31 10:54 - 2014-07-08 23:38 - 00419992 _____ () C:\windows\system32\locale.nls 2014-10-31 10:54 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls 2014-10-31 10:54 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2014-10-31 10:54 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2014-10-31 10:54 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll 2014-10-31 10:54 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll 2014-10-31 10:53 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2014-10-31 10:53 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2014-10-31 10:53 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2014-10-31 10:53 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2014-10-31 10:53 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2014-10-31 10:53 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL 2014-10-31 10:53 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL 2014-10-31 10:53 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL 2014-10-31 10:53 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL 2014-10-31 10:53 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL 2014-10-31 10:18 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll 2014-10-31 10:18 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll 2014-10-31 10:06 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2014-10-31 10:06 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2014-10-31 10:05 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe 2014-10-31 10:05 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\windows\splwow64.exe 2014-10-31 07:28 - 2014-10-31 07:28 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-10-30 15:46 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\browserchoice.exe 2014-10-30 14:24 - 2014-10-30 14:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-30 14:23 - 2014-10-30 14:23 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-10-30 14:21 - 2014-10-30 14:29 - 00000000 ____D () C:\ProgramData\Adobe 2014-10-30 14:03 - 2014-10-30 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite 2014-10-30 14:03 - 2014-10-30 14:03 - 00000000 ____D () C:\Program Files (x86)\EPSON 2014-10-30 13:54 - 2014-10-30 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-10-30 13:54 - 2014-10-30 13:54 - 00000000 ____D () C:\Program Files\Common Files\EPSON 2014-10-30 13:51 - 2011-04-20 03:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_ILMHJE.DLL 2014-10-30 13:51 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_ID4BHJE.DLL 2014-10-30 13:51 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL 2014-10-30 13:49 - 2014-10-30 13:54 - 00000000 ____D () C:\ProgramData\EPSON 2014-10-30 13:30 - 2014-10-30 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2014-10-30 13:30 - 2014-10-30 13:30 - 00000000 ____D () C:\Program Files (x86)\EPSON Software 2014-10-30 13:11 - 2014-10-30 13:14 - 31608320 _____ () C:\Users\Bears\Downloads\epson377975eu.exe 2014-10-30 13:11 - 2014-10-30 13:14 - 26340864 _____ () C:\Users\Bears\Downloads\epson327610eu.exe 2014-10-30 13:11 - 2014-10-30 13:13 - 24165952 _____ () C:\Users\Bears\Downloads\epson377869eu.exe 2014-10-30 13:11 - 2014-10-30 13:11 - 04701696 _____ () C:\Users\Bears\Downloads\epson377960eu.exe 2014-10-30 11:28 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2014-10-30 11:28 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2014-10-30 11:28 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL 2014-10-30 11:28 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2014-10-30 10:51 - 2014-10-31 15:18 - 01592784 _____ () C:\windows\SysWOW64\PerfStringBackup.INI 2014-10-30 10:22 - 2014-10-30 10:22 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Google 2014-10-30 10:18 - 2014-10-30 14:28 - 00000000 ____D () C:\Users\Bears\AppData\Local\Adobe 2014-10-30 10:04 - 2014-10-30 10:04 - 00000000 ____D () C:\Users\Bears\AppData\Local\Opera Software 2014-10-30 10:03 - 2014-10-31 09:59 - 00003852 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1414659733 2014-10-30 10:03 - 2014-10-30 10:03 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Opera Software 2014-10-30 10:02 - 2014-10-31 10:00 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-10-30 10:02 - 2014-10-30 10:02 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-10-30 07:07 - 2014-10-30 07:07 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-10-30 07:07 - 2014-10-30 07:07 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-10-30 06:54 - 2014-11-03 14:12 - 00053538 _____ () C:\windows\IE11_main.log 2014-10-29 19:45 - 2014-10-29 19:36 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2014-10-29 19:38 - 2014-10-29 19:38 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Mozilla 2014-10-29 19:36 - 2014-10-30 12:59 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-29 19:34 - 2014-10-29 19:34 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Avira 2014-10-29 19:31 - 2014-10-30 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-10-29 19:29 - 2014-10-30 12:55 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-10-29 19:29 - 2014-10-29 19:37 - 00000000 ____D () C:\ProgramData\Avira 2014-10-29 19:29 - 2014-09-24 12:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2014-10-29 19:29 - 2014-09-24 12:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2014-10-29 19:29 - 2014-09-24 12:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys 2014-10-29 18:59 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys 2014-10-29 18:59 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\wmi.dll 2014-10-29 18:59 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmi.dll 2014-10-29 18:53 - 2014-10-29 18:53 - 00000000 ____D () C:\ProgramData\Licenses 2014-10-29 18:52 - 2014-10-29 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-10-29 18:52 - 2014-10-29 18:52 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster 2014-10-29 18:52 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCTL.OCX 2014-10-29 18:52 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSSTDFMT.DLL 2014-10-29 18:47 - 2014-10-29 18:52 - 00000000 ____D () C:\windows\system32\MRT 2014-10-29 18:46 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-10-29 18:42 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll 2014-10-29 18:42 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll 2014-10-29 18:42 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe 2014-10-29 18:42 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2014-10-29 18:42 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe 2014-10-29 18:42 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll 2014-10-29 18:42 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe 2014-10-29 18:42 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll 2014-10-29 18:39 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-10-29 18:39 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-10-29 18:39 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-10-29 18:39 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-10-29 18:39 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-10-29 18:39 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2014-10-29 18:39 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-10-29 18:39 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-10-29 18:39 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-10-29 18:39 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-10-29 18:39 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-10-29 18:39 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-10-29 18:39 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-10-29 18:39 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-10-29 18:39 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-10-29 18:39 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-10-29 18:39 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll 2014-10-29 18:39 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-10-29 18:39 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe 2014-10-29 18:39 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-10-29 18:39 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-10-29 18:39 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-10-29 18:39 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-10-29 18:39 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-10-29 18:39 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-10-29 18:39 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll 2014-10-29 18:39 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-10-29 18:39 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-10-29 18:39 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-10-29 18:39 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-10-29 18:39 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-10-29 18:39 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-10-29 18:39 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll 2014-10-29 18:39 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-10-29 18:39 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-10-29 18:39 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-10-29 18:39 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-10-29 18:39 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe 2014-10-29 18:39 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-10-29 18:38 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-10-29 18:38 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe 2014-10-29 18:38 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe 2014-10-29 18:34 - 2014-10-29 18:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Bears\Downloads\spywareblastersetup50 (1).exe 2014-10-29 18:33 - 2014-10-29 19:15 - 150010760 _____ () C:\Users\Bears\Downloads\avira_free_antivirus_de.exe 2014-10-29 18:32 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2014-10-29 18:32 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2014-10-29 18:31 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-10-29 18:31 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2014-10-29 18:31 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-10-29 18:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll 2014-10-29 18:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll 2014-10-29 18:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll 2014-10-29 18:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll 2014-10-29 18:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll 2014-10-29 18:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe 2014-10-29 18:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe 2014-10-29 18:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe 2014-10-29 18:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe 2014-10-29 18:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll 2014-10-29 18:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll 2014-10-29 18:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll 2014-10-29 18:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll 2014-10-29 18:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll 2014-10-29 18:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe 2014-10-29 18:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe 2014-10-29 18:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe 2014-10-29 18:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe 2014-10-29 18:30 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2014-10-29 18:30 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll 2014-10-29 18:30 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-10-29 18:30 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2014-10-29 18:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2014-10-29 18:30 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll 2014-10-29 18:30 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll 2014-10-29 18:29 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2014-10-29 18:29 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2014-10-29 18:29 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2014-10-29 18:29 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll 2014-10-29 18:29 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2014-10-29 18:29 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll 2014-10-29 18:29 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys 2014-10-29 18:29 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys 2014-10-29 18:29 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll 2014-10-29 18:29 - 2012-11-28 23:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-10-29 18:29 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2014-10-29 18:29 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll 2014-10-29 18:29 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll 2014-10-29 18:29 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll 2014-10-29 18:29 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll 2014-10-29 18:29 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll 2014-10-29 18:29 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll 2014-10-29 18:29 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll 2014-10-29 18:29 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll 2014-10-29 18:29 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys 2014-10-29 18:29 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2014-10-29 18:28 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-10-29 18:28 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2014-10-29 18:28 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-10-29 18:28 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2014-10-29 18:28 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2014-10-29 18:28 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2014-10-29 18:28 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-10-29 18:28 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2014-10-29 18:28 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2014-10-29 18:28 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2014-10-29 18:28 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2014-10-29 18:28 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2014-10-29 18:28 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2014-10-29 18:28 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll 2014-10-29 18:28 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll 2014-10-29 18:28 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\webio.dll 2014-10-29 18:28 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll 2014-10-29 18:27 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll 2014-10-29 18:27 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe 2014-10-29 18:27 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe 2014-10-29 18:27 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2014-10-29 18:27 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2014-10-29 18:27 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys 2014-10-29 18:27 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys 2014-10-29 18:27 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll 2014-10-29 18:27 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll 2014-10-29 18:27 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll 2014-10-29 18:27 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll 2014-10-29 18:27 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys 2014-10-29 18:27 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys 2014-10-29 18:27 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll 2014-10-29 18:27 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll 2014-10-29 18:27 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll 2014-10-29 18:27 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll 2014-10-29 18:26 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2014-10-29 18:26 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll 2014-10-29 18:26 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll 2014-10-29 18:26 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll 2014-10-29 18:26 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll 2014-10-29 18:26 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll 2014-10-29 18:26 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll 2014-10-29 18:26 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll 2014-10-29 18:26 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys 2014-10-29 18:26 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys 2014-10-29 18:26 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys 2014-10-29 18:26 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll 2014-10-29 18:26 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll 2014-10-29 18:26 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys 2014-10-29 18:26 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys 2014-10-29 18:26 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2014-10-29 18:26 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2014-10-29 18:26 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2014-10-29 18:26 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2014-10-29 18:26 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2014-10-29 18:26 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll 2014-10-29 18:26 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll 2014-10-29 18:26 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2014-10-29 18:26 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2014-10-29 18:26 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll 2014-10-29 18:26 - 2013-04-01 07:03 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_AuthenticAMD.dll 2014-10-29 18:26 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll 2014-10-29 18:26 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys 2014-10-29 18:26 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2014-10-29 18:26 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys 2014-10-29 18:26 - 2012-05-01 06:40 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2014-10-29 18:26 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl 2014-10-29 18:26 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl 2014-10-29 18:26 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll 2014-10-29 18:26 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll 2014-10-29 18:25 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll 2014-10-29 18:25 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll 2014-10-29 18:25 - 2011-03-13 11:20 - 00009984 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeclnk.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00481376 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfefirek.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00281928 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfewfpk.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00227856 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeavfk.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00098728 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mferkdet.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00075672 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfenlfk.sys 2014-10-29 18:24 - 2011-03-13 11:20 - 00065128 _____ (McAfee, Inc.) C:\windows\system32\Drivers\cfwids.sys 2014-10-29 18:23 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-10-29 18:23 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-10-29 18:23 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2014-10-29 18:23 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-10-29 18:23 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll 2014-10-29 18:23 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll 2014-10-29 18:23 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-10-29 18:23 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-10-29 18:23 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll 2014-10-29 18:23 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-10-29 18:23 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-10-29 18:23 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll 2014-10-29 18:23 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-10-29 18:23 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-10-29 18:23 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys 2014-10-29 18:23 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys 2014-10-29 18:23 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-10-29 18:23 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-10-29 18:23 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-10-29 18:23 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-10-29 18:23 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-10-29 18:23 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-10-29 18:23 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-10-29 18:23 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2014-10-29 18:23 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-10-29 18:23 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-10-29 18:23 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-10-29 18:23 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2014-10-29 18:23 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-10-29 18:23 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-10-29 18:23 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-10-29 18:23 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-10-29 18:23 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-10-29 18:23 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-10-29 18:23 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-10-29 18:23 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2014-10-29 18:23 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2014-10-29 18:23 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll 2014-10-29 18:23 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2014-10-29 18:23 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll 2014-10-29 18:23 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe 2014-10-29 18:22 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2014-10-29 18:22 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2014-10-29 18:22 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2014-10-29 18:22 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2014-10-29 18:22 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2014-10-29 18:22 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2014-10-29 18:22 - 2011-03-13 16:45 - 00158832 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe 2014-10-29 18:21 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2014-10-29 18:21 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2014-10-29 18:21 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2014-10-29 18:21 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2014-10-29 18:21 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2014-10-29 18:21 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2014-10-29 18:21 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll 2014-10-29 18:21 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2014-10-29 18:21 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll 2014-10-29 18:21 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll 2014-10-29 18:21 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll 2014-10-29 18:21 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll 2014-10-29 18:21 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs 2014-10-29 18:21 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs 2014-10-29 18:21 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs 2014-10-29 18:21 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs 2014-10-29 18:18 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-10-29 18:18 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-10-29 18:18 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-10-29 18:18 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2014-10-29 18:18 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2014-10-29 18:18 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2014-10-29 18:18 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2014-10-29 18:18 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2014-10-29 18:18 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2014-10-29 18:18 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2014-10-29 18:18 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2014-10-29 18:18 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2014-10-29 18:18 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2014-10-29 18:18 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2014-10-29 18:18 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-10-29 18:18 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-10-29 18:18 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\windows\system32\msvcrt.dll 2014-10-29 18:18 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcrt.dll 2014-10-29 18:17 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2014-10-29 18:17 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2014-10-29 18:17 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-10-29 18:17 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2014-10-29 18:16 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll 2014-10-29 18:16 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll 2014-10-29 18:15 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2014-10-29 18:15 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2014-10-29 18:15 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2014-10-29 18:14 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll 2014-10-29 18:14 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe 2014-10-29 18:14 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe 2014-10-29 18:14 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll 2014-10-29 18:13 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2014-10-29 18:13 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2014-10-29 18:13 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-10-29 18:13 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-10-29 18:13 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-10-29 18:13 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-10-29 18:13 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll 2014-10-29 18:13 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2014-10-29 18:13 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2014-10-29 18:13 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2014-10-29 18:13 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll 2014-10-29 18:13 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2014-10-29 18:13 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll 2014-10-29 18:13 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll 2014-10-29 18:12 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll 2014-10-29 18:11 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2014-10-29 18:11 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2014-10-29 18:10 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-10-29 18:10 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-10-29 18:10 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2014-10-29 18:09 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-10-29 18:09 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-10-29 18:09 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-10-29 18:09 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-10-29 18:09 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-10-29 18:09 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-10-29 18:09 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-10-29 18:09 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-10-29 18:09 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-10-29 18:09 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-10-29 18:09 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2014-10-29 18:09 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2014-10-29 18:08 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2014-10-29 18:08 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2014-10-29 18:06 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2014-10-29 18:06 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe 2014-10-29 18:05 - 2012-07-06 21:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys 2014-10-29 18:05 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys 2014-10-29 18:04 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll 2014-10-29 18:04 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll 2014-10-29 18:01 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\oleacc.dll 2014-10-29 18:00 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx 2014-10-29 18:00 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll 2014-10-29 18:00 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx 2014-10-29 18:00 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll 2014-10-29 18:00 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe 2014-10-29 18:00 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe 2014-10-29 18:00 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe 2014-10-29 18:00 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe 2014-10-29 18:00 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys 2014-10-29 18:00 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll 2014-10-29 18:00 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll 2014-10-29 18:00 - 2011-08-27 06:37 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2014-10-29 18:00 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2014-10-29 18:00 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll 2014-10-29 17:35 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-10-29 17:35 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll 2014-10-29 17:35 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll 2014-10-29 17:35 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe 2014-10-29 17:34 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe 2014-10-29 17:34 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\netapi32.dll 2014-10-29 17:34 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\browser.dll 2014-10-29 17:34 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\browcli.dll 2014-10-29 17:34 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\netapi32.dll 2014-10-29 17:34 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\browcli.dll 2014-10-29 17:34 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll 2014-10-29 17:34 - 2012-05-05 09:36 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2014-10-29 17:34 - 2012-05-05 08:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2014-10-29 17:33 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll 2014-10-29 17:33 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL 2014-10-29 17:33 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL 2014-10-29 17:33 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll 2014-10-29 17:33 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL 2014-10-29 17:33 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll 2014-10-29 17:33 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll 2014-10-29 17:33 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys 2014-10-29 17:33 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\windows\system32\psisdecd.dll 2014-10-29 17:33 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\psisrndr.ax 2014-10-29 17:33 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisdecd.dll 2014-10-29 17:33 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisrndr.ax 2014-10-29 17:32 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2014-10-29 17:32 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll 2014-10-29 17:32 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2014-10-29 17:32 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2014-10-29 17:32 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-10-29 17:32 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-10-29 17:31 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2014-10-29 17:31 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll 2014-10-29 15:06 - 2014-11-04 12:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-10-29 15:06 - 2014-10-30 10:20 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-10-29 14:05 - 2014-10-30 10:20 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-10-29 14:05 - 2014-10-30 10:20 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-29 14:05 - 2014-10-29 14:05 - 00000000 ____D () C:\windows\system32\Macromed 2014-10-29 14:04 - 2014-10-29 15:05 - 00000427 _____ () C:\windows\SecuniaPackage.log 2014-10-29 13:51 - 2014-10-29 13:52 - 00000000 ____D () C:\Users\Bears\AppData\Local\Microsoft Games 2014-10-29 13:46 - 2014-11-04 10:54 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-29 13:45 - 2014-10-29 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-29 13:44 - 2014-10-29 13:44 - 00000000 ____D () C:\Users\Bears\AppData\Local\Secunia PSI 2014-10-29 13:43 - 2014-11-04 10:49 - 00000000 ____D () C:\AdwCleaner 2014-10-29 13:43 - 2014-10-29 13:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-29 13:43 - 2014-10-29 13:43 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk 2014-10-29 13:43 - 2014-10-29 13:43 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-29 13:43 - 2014-10-29 13:43 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-10-29 13:43 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-10-29 13:43 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-10-29 13:43 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-10-29 13:38 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll 2014-10-29 13:38 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll 2014-10-29 13:38 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys 2014-10-29 13:34 - 2014-10-30 14:28 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Adobe 2014-10-29 13:34 - 2014-10-29 13:34 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Macromedia 2014-10-29 13:31 - 2014-10-29 13:33 - 05329480 _____ (Secunia) C:\Users\Bears\Downloads\PSISetup_3.0.0.9016.exe 2014-10-29 13:30 - 2014-10-29 13:30 - 01998336 _____ () C:\Users\Bears\Downloads\AdwCleaner_4.002.exe 2014-10-29 13:29 - 2014-10-29 13:33 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Bears\Downloads\mbam-setup-2.0.3.1025.exe 2014-10-29 13:26 - 2014-10-30 10:23 - 00000000 ____D () C:\Users\Bears\AppData\Local\Google 2014-10-29 13:25 - 2014-10-31 14:04 - 00000000 ___RD () C:\Users\Bears\Desktop\Unterhaltung 2014-10-29 13:24 - 2014-11-02 12:49 - 00000000 ___RD () C:\Users\Bears\Desktop\Sicherheit 2014-10-29 13:23 - 2014-10-29 13:23 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2014-10-29 13:23 - 2014-10-29 13:23 - 00000000 ____D () C:\Users\Bears\AppData\Local\AMD 2014-10-29 13:22 - 2014-10-29 13:22 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\ATI 2014-10-29 13:22 - 2014-10-29 13:22 - 00000000 ____D () C:\Users\Bears\AppData\Local\ATI 2014-10-29 13:21 - 2014-10-31 10:17 - 00060824 _____ () C:\Users\Bears\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-29 13:21 - 2014-10-29 13:21 - 00001409 _____ () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-10-29 13:20 - 2014-10-31 14:00 - 00001710 _____ () C:\Users\Bears\Desktop\Downloads.lnk 2014-10-29 13:20 - 2014-10-29 13:21 - 00001443 _____ () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-29 13:17 - 2014-10-29 13:17 - 00000000 ____D () C:\Users\Bears\AppData\Local\VirtualStore 2014-10-29 13:17 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2014-10-29 13:17 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2014-10-29 13:17 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2014-10-29 13:17 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2014-10-29 13:17 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2014-10-29 13:17 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2014-10-29 13:17 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2014-10-29 13:17 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2014-10-29 13:17 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2014-10-29 13:17 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2014-10-29 13:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2014-10-29 13:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2014-10-29 13:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2014-10-29 13:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2014-10-29 13:16 - 2014-11-04 12:04 - 00000000 ____D () C:\Users\Bears 2014-10-29 13:16 - 2014-10-29 13:21 - 00000000 ____D () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2014-10-29 13:16 - 2014-10-29 13:16 - 00000020 ___SH () C:\Users\Bears\ntuser.ini 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Vorlagen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Startmenü 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Netzwerkumgebung 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Lokale Einstellungen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Eigene Dateien 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Druckumgebung 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Documents\Eigene Musik 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Documents\Eigene Bilder 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\AppData\Local\Verlauf 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\AppData\Local\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Users\Bears\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Programme 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Favoriten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2014-10-29 13:16 - 2014-10-29 13:16 - 00000000 __SHD () C:\Recovery 2014-10-29 13:16 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-29 13:16 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Bears\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-04 18:33 - 2009-07-14 04:20 - 00000000 __RSD () C:\windows\Media 2014-11-04 18:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration 2014-11-04 11:46 - 2012-02-20 18:08 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-04 11:44 - 2012-02-20 16:59 - 01235075 _____ () C:\windows\WindowsUpdate.log 2014-11-04 10:59 - 2012-02-20 08:47 - 00698926 _____ () C:\windows\system32\perfh007.dat 2014-11-04 10:59 - 2012-02-20 08:47 - 00149034 _____ () C:\windows\system32\perfc007.dat 2014-11-04 10:59 - 2009-07-14 06:13 - 01618320 _____ () C:\windows\system32\PerfStringBackup.INI 2014-11-04 10:59 - 2009-07-14 05:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-04 10:59 - 2009-07-14 05:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-04 10:53 - 2012-02-20 18:10 - 00132429 _____ () C:\windows\system32\fastboot.set 2014-11-04 10:52 - 2012-02-20 18:08 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-04 10:51 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-11-04 10:50 - 2010-11-21 04:47 - 00173290 _____ () C:\windows\PFRO.log 2014-11-04 10:50 - 2009-07-14 05:51 - 00035609 _____ () C:\windows\setupact.log 2014-11-03 13:42 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp 2014-11-03 12:32 - 2012-02-20 17:57 - 00000000 ____D () C:\ProgramData\VeriFace 2014-11-02 12:46 - 2009-07-14 05:45 - 00271440 _____ () C:\windows\system32\FNTCACHE.DAT 2014-10-31 07:29 - 2011-09-29 04:37 - 00000000 ____D () C:\Program Files\Windows Journal 2014-10-31 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK 2014-10-31 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR 2014-10-31 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\zh-HK 2014-10-31 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\tr-TR 2014-10-31 07:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-10-31 07:28 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-10-31 07:28 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-10-31 07:28 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism 2014-10-31 07:28 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism 2014-10-30 14:09 - 2012-02-20 17:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-10-30 12:12 - 2012-02-20 17:44 - 00000000 ____D () C:\ProgramData\McAfee 2014-10-30 12:12 - 2012-02-20 17:44 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-10-30 12:10 - 2012-02-20 17:44 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2014-10-29 18:54 - 2012-02-20 17:51 - 00000000 ____D () C:\ProgramData\Temp 2014-10-29 18:37 - 2012-02-20 18:08 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-29 18:37 - 2012-02-20 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-29 18:28 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF 2014-10-29 14:20 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache 2014-10-29 14:19 - 2011-02-22 12:19 - 00000000 ____D () C:\windows\Panther 2014-10-29 13:41 - 2012-02-20 18:08 - 00004106 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-29 13:41 - 2012-02-20 18:08 - 00003854 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-29 13:16 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\restore 2014-10-29 13:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-10-29 13:16 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Recovery 2014-10-29 13:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT Some content of TEMP: ==================== C:\Users\Bears\AppData\Local\Temp\avgnt.exe C:\Users\Bears\AppData\Local\Temp\Quarantine.exe C:\Users\Bears\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2011-02-22 12:19 ==================== End Of Log ============================ |
05.11.2014, 11:38 | #2 |
| Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Anleitung / HilfeCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by Bears at 2014-11-04 12:10:44 Running from C:\Users\Bears\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\{BC8AC77D-6A6F-491F-BEED-2958F09C6CAE}) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.) ATI AVIVO64 Codecs (Version: 11.6.0.10810 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{42C76910-6CD4-EC68-FB78-0D3DE411AD63}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.50 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Druckerdeinstallation für EPSON SX130 Series (HKLM\...\EPSON SX130 Series) (Version: - SEIKO EPSON Corporation) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - ) EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.1.1821.1806 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro) Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo) Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.) PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Software Updater (HKLM-x32\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 03-11-2014 13:07:59 Windows Update 04-11-2014 07:58:04 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {30AA31D6-4C32-46EB-A73F-C68C26FA5824} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink) Task: {4275A705-4E24-445B-83A6-F17B4C1ED7E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.) Task: {6937F5AC-4539-43C5-A5A1-9ACBFA83BADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.) Task: {88A21106-A9A0-4BEE-A5C5-CFDD4AA60DE3} - System32\Tasks\Opera scheduled Autoupdate 1414659733 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software) Task: {A2548406-6485-486D-B030-204FEEF92D3A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-30] (Adobe Systems Incorporated) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-02-20 17:57 - 2012-02-20 17:57 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll 2012-02-20 17:57 - 2012-02-20 17:57 - 00628064 _____ () C:\windows\system32\SimpleExt.dll 2014-10-29 18:37 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-10-29 18:37 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-10-29 18:37 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-29 18:37 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: Secunia PSI Agent => 2 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupreg: 331BigDog => C:\Program Files (x86)\USB Camera\VM331_STI.EXE MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: Lenovo EE Boot Optimizer => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: UpdateP2GShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s ========================= Accounts: ========================== Administrator (S-1-5-21-1415361469-2693387662-4033486994-500 - Administrator - Disabled) Bears (S-1-5-21-1415361469-2693387662-4033486994-1001 - Administrator - Enabled) => C:\Users\Bears Gast (S-1-5-21-1415361469-2693387662-4033486994-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/04/2014 10:52:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 10:01:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 09:39:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 08:54:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 04:43:08 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (11/03/2014 04:38:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 04:22:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (11/03/2014 04:02:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 01:44:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (11/03/2014 01:41:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (11/04/2014 10:53:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Network Agent" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 10:51:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Proxy Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 10:51:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 10:02:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Network Agent" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:59:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Proxy Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:59:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:41:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Network Agent" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:39:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Proxy Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:38:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/04/2014 09:17:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme Microsoft Office Sessions: ========================= Error: (11/04/2014 10:52:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 10:01:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 09:39:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/04/2014 08:54:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 04:43:08 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE Error: (11/03/2014 04:38:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 04:22:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE Error: (11/03/2014 04:02:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 01:44:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE Error: (11/03/2014 01:41:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: AMD E-450 APU with Radeon(tm) HD Graphics Percentage of memory in use: 54% Total physical RAM: 1642.9 MB Available physical RAM: 744.33 MB Total Pagefile: 3715.05 MB Available Pagefile: 1969.32 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:254.14 GB) (Free:226.33 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:0.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: FD22277B) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=254.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End Of Log ============================ Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 12:05 on 04/11/2014 (Bears) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-11-04 19:27:56 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006c WDC_WD32 rev.01.0 298,09GB Running: Gmer-19357.exe; Driver: C:\Users\Bears\AppData\Local\Temp\kgloqpob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1576] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751f1465 2 bytes [1F, 75] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe[1576] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751f14bb 2 bytes [1F, 75] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[1764] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751f1465 2 bytes [1F, 75] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[1764] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751f14bb 2 bytes [1F, 75] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[1280] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751f1465 2 bytes [1F, 75] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[1280] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751f14bb 2 bytes [1F, 75] .text ... * 2 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[3320] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751f1465 2 bytes [1F, 75] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[3320] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751f14bb 2 bytes [1F, 75] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:740] 0000000074a87587 Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:356] 000000006f057712 Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:2696] 0000000077142e65 Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:3264] 0000000077143e85 Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:1852] 0000000077143e85 Thread C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2944:4424] 0000000077143e85 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fc1a13 Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 885 Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 499 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fc1a13 (not active ControlSet) ---- EOF - GMER 2.1 ---- |
05.11.2014, 12:40 | #3 |
| Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Details Klick doch einmal, wenn du bei Leistungsinformationen und -tools bist, auf "Was bedeuten diese Werte?".
__________________Grüße. |
05.11.2014, 13:15 | #4 |
| Lösung: Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Hallo, das hab ich schon gemacht und die Vorschläge von Windows zur Leistungsverbesserung. Ich hab die Visuellen Effekte angepasst, den Datenträger bereinigt, einen sauberen Neustart gemacht und die Leistungsüberwachung zeigt an das der Arbeitsspeicher wenn keine Programme offen sind 74% belegt ist. Bei allen Programmen und Browser kommt nach kurzer Zeit keine Rückmeldung oder es dauert ewig bis sie sich öffnen. |
05.11.2014, 19:51 | #5 | |
| Wie Seit einiger Zeit ist der Arbeitspeicher komplett belegt.Zitat:
mit einem A450 Notebook und Win7 64 Bit mit 2 GB Arbeitsspeicher bist Du an der unteren Skala der Mindestanforderung für Windows 7. Auch die Onboard Grafikkarte reserviert sich je nach Konfiguration seinen Anteil vom Arbeitsspeicher und da wird dieser sehr schnell zum Engpass/Flaschenhals. Wie der Zufall will, habe ich in meinem Portfolio ein Asus A450 Notebook, von diesem poste ich mal die Leistungsdaten damit Du etwas zum vergleichen hast. Ich würde Dir zum Aufrüsten des Arbeitsspeicher raten, hierzu müsstest Du uns aber schon den genauen Notebook-Typ angeben. Nach den FRST-Logfile hast Du ein Notebook von Lenovo oder? Leistungsindex und Basisinformationen. FRST-Additional: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by TB-Test at 2014-11-05 18:46:24 Boot Mode: Normal ========================================================== ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CapsHook => AsusSender.exe C:\Program Files (x86)\ASUS\CapsHook\CapsHook.exe MSCONFIG\startupreg: Google Update => "C:\Users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HotkeyMon => AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe MSCONFIG\startupreg: HotkeyService => AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SuperHybridEngine => AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ==================== Memory info =========================== Processor: AMD E-450 APU with Radeon(tm) HD Graphics Percentage of memory in use: 35% Total physical RAM: 3692.39 MB Available physical RAM: 2365.96 MB Total Pagefile: 7382.95 MB Available Pagefile: 5842.35 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== End Of Log ============================ http://www.notebookcheck.com/AMD-E-S...r.60137.0.html Viel Erfolg. LG JF Geändert von JFrosch (05.11.2014 um 20:46 Uhr) Grund: Korrektur msconfig Aussage |
05.11.2014, 20:48 | #6 |
| Wo Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Lösung! Ja das ist ein Lenovo G575 Notebook |
05.11.2014, 21:02 | #7 |
| Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Hallo, bitte um die Rückmeldung/Angabe der exakten/genauen Typbezeichnung, es gibt verschiedene Ausführungen vom Lenovo G575! Die Details sollten auf dem Typenschild oder einem Barcode angegeben sein, evtl hilft ja die Rechnung/Handbuch. Zum Beispiel dieses: Lenovo G575 (M5233GE)-> Lenovo G575 4383 - E-350 1.6 GHz - Windows 7 Home Premium 64-Bit-Edition - 3 GB RAM - 320 GB HDD - DVD-Writer - 39.6 cm ( 15.6" ) 1366 x 768 ( HD ) - AMD Radeon HD6310. Danke Dir. LG JF. Edit: In einer Beschreibung zum Lenovo G575 wird neben einem anderem Prozessor auch der vorhandene Arbeitsspeicher von 3GB Ram erwähnt, hm..Du hast nur 2GB Ram->bist Du Dir sicher? http://www.notebookinfo.de/notebooks...n/lenovo-g575/ Geändert von JFrosch (05.11.2014 um 21:08 Uhr) Grund: Edit hinzu |
06.11.2014, 08:32 | #8 |
| Seit einiger Zeit ist der Arbeitspeicher komplett belegt. Das ist ein Lenovo G575 (M524GGE) Lenovo G575 4383 AMD E-450 APU with Radeom (tm) HD Graphics 1,65 Ghs 2,00GB Ram Microsoft Windows 7 Home Premium 64 Bit Betriebssystem, 320GB HDD, DVD Writer, 93,6 (15.6") 1366 x 768 (HD)- AMD Radeon HD6320M |
06.11.2014, 10:25 | #9 | |
| Seit einiger Zeit ist der Arbeitspeicher komplett belegt.Zitat:
danke für die Rückmeldung, aus meiner Sicht bestehen drei Optionen: 1. nicht benötigte Programme und Browser Add on deinstallieren (hilft nicht wirklich) 2. PC Geschäft aufsuchen, Ramerweiterung (je nach Geldbeutel) um 2GB/4GB beauftragen 3. Die Ramaufrüstung selbst durchführen, hierzu Handbuch lesen, die Wartungsklappe mit den Ram- Steckplätzen befindet sich bei meinem Asus E-450 Notebook auf der unteren Seite! Über den Verwendungszweck des Notebook nachdenken. (PC Ersatz? ->falsche Wahl) Viel Erfolg. Lg JF Geändert von JFrosch (06.11.2014 um 10:39 Uhr) |
Themen zu Seit einiger Zeit ist der Arbeitspeicher komplett belegt. |
administrator, adobe flash player, adware, antivir, antivirus, avira, browser, explorer, flash player, google, helper, home, iexplore.exe, installation, mozilla, neustart, opera, proxy, registry, scan, services.exe, siteadvisor, software, svchost.exe, windows |